Summary: The Medusa ransomware has impacted over 300 organizations in critical infrastructure sectors across the United States, according to a joint advisory from CISA, the FBI, and MS-ISAC. Initially emerging in January 2021, the operation escalated in 2023 with the launch of a leak site to pressure victims. Organizations are advised to implement specific mitigations to defend against these attacks.
Affected: United States critical infrastructure sectors
Key points:
- Over 300 victims, including those in medical, education, legal, insurance, technology, and manufacturing sectors.
- Medusa ransomware evolved from a closed operation to a Ransomware-as-a-Service (RaaS) model.
- Defensive measures recommended include patching known vulnerabilities, segmenting networks, and filtering untrusted traffic.